Weaponising Red Team Engagements
Fortra has acquired and strategically integrated Red Macros Factory (RMF), an Initial Access Framework designed to significantly reduce the time, effort, and complexity involved in the weaponisation stage of red team engagements.
What is RMF?
RMF is an initial access framework and the result of three years of research-driven development focused on a core red team challenge: reducing the time and resources required to create deployment-ready, fully weaponised, obfuscated payloads, without extensive internal tooling development, manual effort, or unnecessary operational risk.
RMF generates weaponised file format vectors across Windows and macOS, enabling realistic, complex initial access scenarios in minutes that would traditionally take days to develop. This removes the margin for operator error, especially for teams without dedicated internal R&D resources.
By streamlining payload creation and delivery, RMF allows red teams to move faster while maintaining realism and operational quality.
The Initial Access Problem RMF Solves
Initial access is often the most tedious and error-prone phase of an engagement. Creating realistic infection chains typically requires:
- Designing payload logic
- Stitching together multiple file formats
- Ensuring execution reliability
- Maintaining OPSEC and evasion
- Repeating the process for each new scenario
Rather than forcing teams to reinvent the weaponisation wheel, RMF allows operators to shift their focus toward later engagement stages such as lateral movement, post-exploitation, and adversary emulation.
Accelerating the Weaponisation Phase
Initial access remains one of the most resource-intensive phases of an engagement. Building realistic, obfuscated, deployment-ready payloads often requires days of development, testing, and refinement. RMF addresses this challenge by enabling the generation of fully weaponised payloads in minutes.
The framework produces production-ready payloads using multiple attack strategies, tactics, and file format vectors. It supports a wide range of initial access scenarios across Windows and macOS, allowing red teams to simulate realistic adversary behaviour without starting from scratch for each engagement.
By reducing time spent on repetitive tooling tasks, RMF helps teams minimise human error, conserve limited resources, and focus on higher-value operational decisions.
Integrating RMF into Outflank Security Tooling
As part of the acquisition, RMF functionality will be integrated into Outflank Security Tooling (OST) later this year, extending OST’s coverage across the earliest phase of the attack chain.
Outflank is Fortra’s dedicated offensive security research and tooling team, focused on developing advanced capabilities for professional red team operators.
The OST team specialises in evasion, tradecraft development, and post-exploitation tooling, with a strong emphasis on staying ahead of modern defensive controls such as EDR, XDR, and behavioural detection systems.
OST is designed to support complex red team engagements by reducing operational friction while preserving flexibility and control. Rather than providing rigid, one-size-fits-all tools, OST focuses on enabling operators to adapt techniques, chain capabilities, and respond dynamically to changing defensive conditions.
Integrating RMF into OST extends this philosophy to the initial access phase. The result is a more cohesive offensive toolkit that supports red team operations from first access through later stages of the attack chain, while maintaining realism and efficiency.
What RMF brings to Outflank Security Tooling
RMF generates 105+ weaponised file format vectors across Windows and macOS, covering a wide range of real-world initial access scenarios, including:
- Malicious Office documents (Excel, Word, PowerPoint, Publisher, Visio, Project, Access)
- Malicious LNKs and MSIs with multiple built-in execution strategies
- HTML and SVG Smuggling with anti-headless and evasive techniques
- ClickOnce deployments (.application, .manifest, .appref-ms)
- Nested container formats (ZIP, ISO, IMG, WIM, VHD, CAB, PDF, CPIO, CPGZ, Office OLE objects)
- WSH script formats (VBS, VBE, JS, JSE, HTA, WSF, SCT, WSC, XSL)
- CHM and URL files
- Exotic vectors (MSG, DIAGCAB, INF)
- macOS macro-enabled Office documents and JXA scripts
- And additional vectors designed for niche and edge-case scenarios
What this means for Red Teams
With RMF becoming part of OST, red teams can quickly adapt weaponisation techniques to different targets, delivery methods, and defensive environments.
- Faster generation of deployment-ready initial access payloads
- Reduced reliance on time-consuming internal R&D
- Built-in obfuscation and weaponisation across multiple file formats
- Broader platform coverage across Windows and macOS
- More time to focus on strategy, creativity, and adaptive tradecraft
Together, RMF and OST aim to reduce friction across red team operations while increasing realism and operational effectiveness.
A Strategic Investment in Offensive Security
With RMF integrated into OST, Fortra continues to invest in offensive security as a long-term strategic capability. The result is a more cohesive, research-driven platform that reduces friction, improves realism, and enables red teams to spend more time where it matters most—on strategy, creativity, and adaptive tradecraft.